The critical bug, which gained attention after it was tweeted by developer Lemi Ergin yesterday, lets anyone log into an administrator account using the username “root” and any password, including a blank one.

The security update is rolling out on the Mac App Store now for macOS High Sierra users. Apple recommends installing it as soon as possible.

The vulnerability does not affect macOS Sierra or any other earlier version of Apple’s desktop operating system.Discuss this article in our forums